Internet Safety: How to Protect Yourself - Case Study Example

This report is designed to describe how to protect organization network which has a connection to the internet. This will help organizationsto make some changes or improvements in their system and to be more secured and safe. The report uses some useful internet websites and articles which contains important and relevant information security. The results show the security issue include vulnerability and social engineering and how it becomes a threat for any organization which has a connection with the internet. It also shows cross site scripting (abbreviated as CSS or XSS) as one of the most common application level attacks that hackers use to slink into web applications today. The report presents some recommendations such as apply some policy, training their employers and employing softwares for security checks. 1. Introduction With the advanced technology that we have right now, security issue has become an essential problem for any organization, which uses the Internet, around the world. As stated by Charles and Shari (23, 2002), the security of an organization is important to protect it from any criminal damage. The software vulnerabilities and social engineering in an organization system that cyber-criminals target is the most important issue in security measures. The aim of this research is to investigate how to protect an organization that uses Internet connection from being targeted because of the vulnerability of their system. This report will discuss general issues related to Internet connectivity, software vulnerabilities, social engineering and specific vulnerability which is Cross Site Scripting (XSS). It will also provide a discussion and recommendation that will help organizations against hackers and other criminal activities directed in breaching their security. 2. Discussion General issues related to Internet connectivity 2.1.1 Information security issues Hacking a system or a database is the largest threat to network security for most organizations. IP addresses can easily be obtained through search engines like Google and Yahoo. As a result, the Internet gives easy access to an organization’s system or database for millions of unknown users in the world. And because the users are unknown, it creates additional challenges to the security departments. In addition to the countless unknown users, the links of different systems and database between organizations through the use of the World Wide Web makes it easier for one to access the linked systems. Moreover, the linked access introduces a considerably magnified potential for virus spread. The vulnerability of the system is the primary weakness of an organization’s system. This actually helps the attacker to access the system. And a security risk with one or more well-known examples of working and fully-implemented attacks is categorized as an exploit. An exploit damages the system and database of an organization and there needs to be a security repair deployed. The period from when the security risk is identified to the time of its repair is called a vulnerability window (SANS 2007). An example of an exploit is the deployment of Internet worms. Between 2002 and 2005, Microsoft Windows worms such as Blaster, Nachi, Sasser and Zotob contaminated a lot of systems on the Internet (Wang 2008). Vulnerabilities that established anti-virus, support or other application software, can lead to a problem with worms. The most recent year buzzed with news regarding a worm exploiting the Symantec anti-virus buffer overflow flaw (Microsoft). According to Microsoft, the vulnerable systems on their client side were found in the office software, media players, browser and other desktop applications. Another security risk is the access of Internet by the users. Majority of the vulnerabilities, around fifty percent, can be found in the Web application. Reliable websites are being used and changed into malignant servers for exploits and phishing scams. The defaulting formations for a lot of services and operating systems are weak since most contains default passwords. Consequently, in 2007 a lot of systems have been broken by brute-force password guessing attacks and via dictionary (SANS 2007). Moreover, attackers are discovering more inventive ways to get sensitive data from organizations. For that reason, it is important to make sure of the nature of the data leaving and going into the organization’s database is secured and safe. 2.1.2 Software vulnerabilities Vulnerability is a weakness in system which lets an attacker to break the integrity of that system. Vulnerabilities might result from weak passwords, software bugs, a computer virus or other malwares, a script code injection, a SQL injection or misconfiguration (Kannan, 2009). Software vulnerability could be described as a bug in the software which may let an attacker to gain illegal access to some sources. The Web application as a software is threatened by attackers in many ways. The Open Web Application Security Projects (OWASP) explores the top ten vulnerabilities that present the highest risk to Web application environments. The top ten vulnerabilities in the second version (2007) are Cross Site Scripting (XSS), Injection Flaws, Malicious File Execution, Insecure Direct Object Reference, Cross Site Request Forgery (CSRF), Information Leakage and Improper Error Handling, Broken Authentication and Session Management, Insecure Cryptographic Storage, Insecure Communications, Failure to Restrict URL Access (Black 2008). a. Injection Flaws: Injection Flaws is one of the main attacks against web applications by using a form of code. The attacker achieves his aim by injecting a malicious code when data is passed to a web application. The malicious code will then be executed. There are many types of injection flows such as SQL injection, XML injection, Command injection, AJAX injection, and SSI injection (Popa 2009). b. Malicious File Execution: Malicious File Execution is prevalent with its attacks to PHP applications. The attacker uploads the malicious content that will be performed by the host application. The web server runs an arbitrary code managed by the attacker by altering the unseen areas from the PHP expressions(Popa 2009). For example, a prevalent vulnerable construct is: include $_REQUEST[filename’]; Accessing local file server can be used by the code above. Another code is: Read More